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DETAILED ACTION 

1. Original application contained claims 1 - 25. Claims 1, 5, 6, 9, 11, 13, 14 and 20 
- 24 have been amended; and new claims 28 and 29 have been added in an 
amendment filed on 01/13/2006. The amendment filed have been entered and made of 
record. Presently, pending claims are 1 - 25. 

Response to Arguments 

2. Applicant's arguments with respect to instant claims have been fully considered 
but are moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
A person shall be entitled to a patent unless - 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

3. Claims 1 , 2, 8 - 1 3, 1 5, 1 9, 21 , 23 and 24 are rejected under 35 U.S.C. 1 03(a) as 
being unpatentable over Hind (Patent Number: 6823454), in view of Rowney (Patent 
Number: 5996076). 
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As per claim 1 and 21 , Hind teaches a method for automatic installation of a 
digital certificate on a cable modem in a data-over-cable system, the method 
comprising: 

determining whether a digital certificate is installed on the cable modem (Hind: 
Column 14 Line 1 - 3, Column 9 Line 28 - 31 and Column 8 Line 14-16: the wireline 
connections using the physical cable media must incorporate a cable modem within a 
server system, namely, CMTS (Cable modem Termination System), which is well 
known in the field); if not, generating a digital certificate filename on the cable modem 
(Hind: Column 1 3 Line 58 - 64). Hind teaches, if not, downloading the device certificate 
from the server device to client device (Hind: Column 13 Line 58 - 64); however, Hind 
does not disclose generating a digital certificate filename on the cable modem for 
downloading purpose. 

Rowney teaches generating a digital certificate filename on the cable modem 
(Rowney: Column 4 Line 54 - 63 and Column 163 Line 22 - 26). 

sending a digital certificate request including the digital certificate filename to a 
predetermined network server; receiving a digital certificate file including at least one 
digital certificate from the network server; and storing the at least one digital certificate 
received from the network server on the cable modem (Rowney: Column 4 Line 54-63 
, Column 154 Line 62 - 65 and Column 163 Line 22 - 24); and 

wherein the digital certificate is required to authenticate the cable modem on a 
Cable modem Termination System (CMTS) (Hind: Column 9 Line 28-31, Column 8 
Line 1 4 - 1 6 & Column 3 Line 54 - 56 and Column 1 3 Line 13-17). 



Application/Control Number: 10/075,926 Page 4 

Art Unit: 2131 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Rowney within the system of Hind 
because (a) Hind teaches a dynamic / flexible mechanism to obtain a device certificate 
during initialization of the device (Hind: Column 13 Line 58 - 60) and (b) Rowney 
teaches a more secure and flexible certificate delivery and installation method over a 
public communication system, such as internet (Rowney: Column 154 Line 62 - 65, 
Column 163 Line 22 - 24 and Column 4 Line 1 - 4). 

As per claim 2 and 15, Hind as modified teaches having stored therein 
instructions for causing a processor to execute the method of claim 1 (Hind: Figure 1 A). 

As per claim 8, Hind as modified teaches obtaining a globally routable network 
address on the cable modem prior to sending the digital certificate request to the 
network server (Hind: Column 13 Line 29 - 40: the Domain Name Server DNS/DHCP 
system assures that both the server and client (i.e. server device and client device) 
must use a globally routable network address (i.e. global IP address) in order to access 
the network entities on external networks); and employing the globally routable network 
address for sending the digital certificate request to the network server (Hind: Column 
13 Line 29 - 40: the request / response are exchanges with standard global IP protocol 
messages). 
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As per claim 9, Hind as modified teaches retrieving network address information 
from at least one data packet sent from at least one customer entity (Hind: Column 2 
Line 63: masquerading attack as disclosed by Hind is a way to retrieve network address 
information from at least one data packet sent from at least one customer entity); and 
obtaining a physical address of a network gateway associated with the at least one 
customer entity (Hind: Column 2 Line 21 -48: the MAC address (besides the IP 
address) of the router / gateway is needed for the routing protocol before the messages 
can be successfully routed over the networks via network router located on its own 
network segment (or subnet)). 

As per claim 10, Hind as modified teaches the network address information 
comprises on Internet Protocol address and a Medium Access Control address 
associated with the customer entity (Hind: Column 2 Line 16-67: both Internet Protocol 
address and a Medium Access Control address are required for standard IP network 
protocol). 

As per claim 1 1 , Hind as modified teaches validating the at least one digital 
certificate received from the network server prior to storing the at least one digital 
certificate on the cable modem (Hind: Column 14 Line 12-14). 

As per claim 12, Hind as modified teaches the at least one digital certificate 
comprises a device digital certificate (Hind: Column 13 Line 13-14). 
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As per claim 13, Hind as modified teaches the at least one digital certificate 
further comprises a cable modem manufacturer digital certificate (Hind: Column 14 Line 
2). 

As per claim 19, Hind as modified teaches the at least one digital certificate for 
the cable modem is generated on the network server (Hind: Column 13 Line 58 - 64). 

As per claim 23, Hind as modified teaches wherein the network server's address 
is installed on the cable modem prior to requesting, the digital certificate from the 
predetermined network server (Hind: Column 1 Line 40 - 42: constant IP address). 

As per claim 24, Hind as modified teaches the cable modem is further arranged 
to install the digital certificate in a memory unit upon receiving the digital certificate from 
the network server (Hind: Column 13 Line 58 - 64). 

4. Claims 3 - 7, 16, 18, 22 and 25 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Hind (Patent Number: 6823454), in view of Rowney (Patent Number: 
5996076), in view of Loukianov (Patent Number: 6715075). 

As per claim 3,18 and 22, Hind as modified does not disclose the network server 
comprises a Trivial File Transfer Protocol server. 
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Loukianov teaches the network server comprises a Trivial File Transfer Protocol 
server (Loukianov: Column 1 Line 65 - 67, Column 2 Line 1 1 - 22 and Column 3 Line 
45 - 55). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Loukianov within the system of Hind as 
modified because (a) Hind teaches device certificate authentication mechanism and (b) 
Loukianov teaches providing a secure device certificate method for cable modem 
systems by using a hash signature (Loukianov: 2 Line 1 1 - 22). 

As per claim 4 and 25, Hind as modified teaches the digital certificate comprises 
an X.509 security digital certificate (Loukianov: Column 3 Line 54 - 55). Same rationale 
of combination applies here as above in rejecting the claim 3. 

As per claim 5 and 16, Hind teaches a device ID is included in the device 
certificate (Hind: Column 3 Line 60 - 61 ). However, Hind does not disclose expressly a 
digital certificate filename comprises using a type of the cable modem, a physical 
address of the cable modem and an authentication data string. 

Loukianov teaches a digital certificate filename comprises using a type of the 
cable modem, a physical address of the cable modem and an authentication data string 
(Loukianov: Column 2 Line 50 - 54 and Column 2 Line 19-20; Hind: Column 3 Line 60 
- 61 : Examiner notes a certificate filename is used to uniquely identify a device 
certificate and thereby certificate ID is equivalent to a certificate filename. Device 
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certificate ID includes a device ID (Hind: Column 3 Line 60 - 61 ) and, besides, the cable 
modem device can also uniquely identified by MAC address and a certificate can be 
uniquely identified by certificate hash value as taught by Loukianov (Loukianov: Column 
2 Line 50 - 54 and Column 2 Line 19 - 20). Therefore, a digital certificate filename 
comprises using a type of the cable modem, a physical address of the cable modem 
and an authentication data string). 

Same rationale of combination applies here as above in rejecting the claim 3. 

As per claim 6, Hind as modified teaches the authentication data string is 
generated on the cable modem by applying a hash function to at least one configuration 
setting associated with the cable modem (Loukianov: Column 2 Line 19 - 20). 

As per claim 7, Hind as modified teaches the at least one configuration setting 
comprises a MAC address, a serial number or a secret string (Loukianov: Column 2 
Line 19-20). 

5. Claims 14 and 20 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Hind (Patent Number: 6823454), in view of Rowney (Patent Number: 5996076), and in 
view of Kent (Patent Number: 6671804). 



As per claim 14, Hind teaches a method for providing digital certificates to at 
least one network device in a data-over-cable system (Hind: Column 9 Line 28 - 31 and 
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Column 8 Line 14 - 16: tine wireline connections using the physical cable media must 
incorporate a cable modem within a server system, namely, CMTS (Cable modem 
Termination System), the method comprising: 

the digital certificate is required to authenticate the cable modem on a Cable 
modem Termination System (CMTS) (Hind: Column 3 Line 54-56 and Column 13 Line 
13-17). 

Hind does not disclose expressly receiving a digital certificate request including a 
digital certificate filename on a network server from a network device. 

Rowney teaches receiving a digital certificate request including a digital 
certificate filename on a network server from a network device (Rowney: Column 4 Line 
54 - 63 and Column 163 Line 22 - 26); 

generating at least one digital certificate for the network device; and providing the 
at least one digital certificate .from the network server to the network device (Rowney: 
Column 4 Line 54 - 63 , Column 154 Line 62 - 65 and Column 163 Line 22 - 24). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Rowney within the system of Hind 
because (a) Hind teaches a dynamic / flexible mechanism to obtain a device certificate 
during initialization of the device (Hind: Column 13 Line 58 - 60) and (b) Rowney 
teaches a more secure and flexible certificate delivery and installation method over a 
public communication system, such as internet (Rowney: Column 154 Line 62 - 65, 
Column 163 Line 22 - 24 and Column 4 Line 1 - 4). 
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Hind as modified does not disclose expressly authenticating the request on the 
network server using at least one parameter specified in the digital certificate filename. 

Kent teaches authenticating the request on the network server using at least one 
parameter specified in the digital certificate filename (Kent: Column 10 Line 9-22). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Kent within the system of Hind as 
modified because (a) Hind teaches device certificate authentication mechanism and (b) 
Kent teaches providing a enhanced secure validation mechanisms by verifying the 
certificate requests information from a plurality of requesters (Kent: Column 2 Line 59 - 
63, Column 10 Line 9 - 40). 

As per claim 20, Hind as modified does not disclose expressly requesting a 
digital certificate from a second network server upon receiving the digital certificate 
request from the cable modem; and receiving the digital certificate on the network 
server from the second network server, wherein the second network server comprises a 
certificate authority server, 

Kent teaches requesting a digital certificate from a second network server upon 
receiving the digital certificate request from the cable modem; and receiving the digital 
certificate on the network server from the second network server, wherein the second 
network server comprises a certificate authority server (Kent: Figure 1 Element 
1 10/120/130 and Column 4 Line 27 - 30). 

Same rationale of combination applies herein as above in rejecting the claim 14. 
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6. Claim 17 is rejected under 35 U.S.C. 103(a) as being unpatentable over Hind 
(Patent Number: 6823454), in view of Rowney (Patent Number: 5996076), in view of 
Loukianov (Patent Number: 6715075), and in view of Kent (Patent Number: 6671804). 

As per claim 17, Hind as modified does not disclose generating an authentication 
data string on the network server; and comparing the authentication string generated on 
the network server with the authentication data string specified in the received digital 
certificate filename. 

Kent teaches generating an authentication data string on the network server; and 
comparing the authentication string generated on the network server with the 
authentication data string specified in the received digital certificate filename (Kent: 
Column 10 Line 9-40: the authentication string is the public key of the requester). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Kent within the system of Hind as 
modified because (a) Hind teaches device certificate authentication mechanism and (b) 
Kent teaches providing a enhanced secure validation mechanisms by verifying the 
certificate requests information from a plurality of requesters (Kent: Column 2 Line 59 - 
63, Column 1 0 Line 9 - 40). 
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Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Longbit Chai whose telephone number is 571-272-3788. 
The examiner can normally be reached on Monday-Friday 8:00am-4:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on 571-272-3795. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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Examiner 
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